openSUSE-SU-2020:1631-1

Опубликовано: 07 окт. 2020

Источник: suse-cvrf

Описание

Security update for kdeconnect-kde

This update for kdeconnect-kde fixes the following issues:

kdeconnect-kde was updated to fix various security issues in its default enabled network service (CVE-2020-26164, boo#1176268):

Список пакетов

openSUSE Leap 15.1

kdeconnect-kde-20.04.2-lp152.2.3.1

kdeconnect-kde-lang-20.04.2-lp152.2.3.1

kdeconnect-kde-zsh-completion-20.04.2-lp152.2.3.1

openSUSE Leap 15.2

kdeconnect-kde-20.04.2-lp152.2.3.1

kdeconnect-kde-lang-20.04.2-lp152.2.3.1

kdeconnect-kde-zsh-completion-20.04.2-lp152.2.3.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/JGS2XKPSKWXJ2C2DYNFEMPSVHX37BLBB/
E-Mail link for openSUSE-SU-2020:1631-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1176268
SUSE Bug 1176268
https://www.suse.com/security/cve/CVE-2020-26164/
SUSE CVE CVE-2020-26164 page

Описание

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

Затронутые продукты

openSUSE Leap 15.1:kdeconnect-kde-20.04.2-lp152.2.3.1

openSUSE Leap 15.1:kdeconnect-kde-lang-20.04.2-lp152.2.3.1

openSUSE Leap 15.1:kdeconnect-kde-zsh-completion-20.04.2-lp152.2.3.1

openSUSE Leap 15.2:kdeconnect-kde-20.04.2-lp152.2.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-26164.html
CVE-2020-26164
https://bugzilla.suse.com/1176268
SUSE Bug 1176268
https://bugzilla.suse.com/1177628
SUSE Bug 1177628

openSUSE-SU-2020:1631-1

Описание

Список пакетов

openSUSE Leap 15.1

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2020-26164

Описание

Затронутые продукты

Ссылки